F-Secure
Tools
Trojan:W32/Agent.A
| Name : | Trojan:W32/Agent.A |
| Detection Names : | Trojan-clicker.html.agent.a |
| Category: | Malware |
| Type: | Trojan |
| Platform: | W32 |
Summary
A trojan, or trojan horse, is a seemingly legitimate program which secretly performs other, usually malicious, functions. It is usually user-initiated and does not replicate.
Disinfection
Allow F-Secure Anti-Virus to disinfect the relevant files.
For more general information on disinfection, please see Removal Instructions.
Additional Details
Trojan:W32/Agent.A redirects infected machines to specified advertisement websites, resulting in unwanted pop-up advertisements and banners being displayed on the machine.
Agent.A arrives on the system as an HTML script file, which is saved to the Temporary Internet Files directory.
Activity
Upon execution, Agent.A displays a blank web page to hide its actual content.
It attempts to bypass pop-up blockers such as the following:
It also adds the following cookie:
This is used to track user's browsing habits.
Agent.A arrives on the system as an HTML script file, which is saved to the Temporary Internet Files directory.
Activity
Upon execution, Agent.A displays a blank web page to hide its actual content.
It attempts to bypass pop-up blockers such as the following:
• Norton Internet Security popup blocker
• Internet Explorer Popup blocker
It also adds the following cookie:
• PayPopUpAds
This is used to track user's browsing habits.